Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP6 Server missing IAID field for reservations

    Scheduled Pinned Locked Moved IPv6
    7 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JasonTracy
      last edited by

      I have two devices that have both ethernet and wireless connectivity. One Mac, one Windows. Both use a single DUID, with a unique IAID for the wireless connection.

      I'd like to be able to reserve their wireless DHCP6 connection, but there is no IAID field, so the reservation is rejected as being a duplicate DUID, which is true, but shouldn't break it with a unique IAID.

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Creating duplicate DHCP reservations is not possible neither with IPv4, nor with IPv6. Not to mention that it's a bad idea. Just move on.

        1 Reply Last reply Reply Quote 0
        • J
          JasonTracy
          last edited by

          I'm doing today with IPv4.
          The wired NIC and the wireless NIC have unique MAC addresses. In IPv4, the MAC address is the unique ID, so it works.

          In IPv6, it uses the DUID for a unique PC ID, and the IAID is used for unique NICs.

          Not moving on. We have to push for parity on IPv6 support.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            Yeah, good luck. Last time this was discussed it was not implemented in the ISC DHCP at all. https://forum.pfsense.org/index.php?topic=47793.0

            (As for pushing, I'd rather push for sane design. This nonsense that gets duplicated when you distribute OS images but changes when you reinstall the machine and is impossible to preconfigure on the server is just giant BS.)

            1 Reply Last reply Reply Quote 0
            • J
              JasonTracy
              last edited by

              It appears Windows DHCPv6 supports IAID: https://technet.microsoft.com/en-us/library/jj590697.aspx

              If you don't agree with what I'm trying to do, perhaps you can suggest a better design?

              My goal is to quickly identify computers on my internal network when they access an external resource. I'm going for security, not privacy. (you can have either perfect security or perfect privacy, but not both).

              So, I could go with rDNS and let the clients autoconfigure and dynamically register their names, but I don't own the IP range that is assigned to me, my ISP does.

              I could go with static assignments, but that breaks the portability of the wireless connections on these devices.

              I'm trying to use DHCPv6, but you're saying that pfSense just won't do what I'm trying to do, and I shouldn't bother pushing to get it to do so even though other DHCPv6 implementations can do it.

              What is your solution?

              1 Reply Last reply Reply Quote 0
              • R
                richardd
                last edited by

                I agree with JasonTracy.

                In my environment, it is very common to have laptops with wired + wireless interfaces connected to the same network for good reasons. I think this is a common use case. With the current DHCP6 in pfSense (relying on DUID only), both interfaces get the same IPv6 address and that breaks all IPv6 connectivity.

                What I'm missing in pfSense DHCP6 is the option to use the MAC address for identification instead of DUID, just like in IPv4 DHCP. Or to use DUID + IAID.

                1 Reply Last reply Reply Quote 0
                • D
                  doktornotor Banned
                  last edited by

                  @richardd:

                  What I'm missing in pfSense DHCP6 is the option to use the MAC address for identification

                  No such thing exists for DHCP6.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.